sbassett closed this task as "Resolved". sbassett added a comment.
We're going to resolve this for now as {icon check-circle color=green} **low risk** since none of the new security tooling added to the Github repo has returned any medium+ risk actionable issues. One caveat would be noting (in the README or wherever) as a kinda-false-positive (and possibly suppressing <https://semgrep.dev/docs/ignoring-findings/>) the TLS issue found by semgrep so as not to cause any future concern. Otherwise, consider this unblocked from an #application_security_reviews <https://phabricator.wikimedia.org/tag/application_security_reviews/> perspective. TASK DETAIL https://phabricator.wikimedia.org/T292110 EMAIL PREFERENCES https://phabricator.wikimedia.org/settings/panel/emailpreferences/ To: Reedy, sbassett Cc: Lucas_Werkmeister_WMDE, sbassett, Michaelcochez, Martaannaj, Lydia_Pintscher, Addshore, WMDE-leszek, karapayneWMDE, Aklapper, Invadibot, Devnull, maantietaja, Akuckartz, Jcross, Dsharpe, DannyS712, Nandana, Lahi, Gq86, GoranSMilovanovic, QZanden, LawExplorer, _jensen, rosalieper, Scott_WUaS, Wikidata-bugs, aude, Bawolff, Mbch331, Legoktm
_______________________________________________ Wikidata-bugs mailing list -- wikidata-bugs@lists.wikimedia.org To unsubscribe send an email to wikidata-bugs-le...@lists.wikimedia.org